[1] FARINHOLT B, REZAEIRAD M, PEARCE P, et al. To catch a ratter: monitoring the behavior of amateur DarkComet RAT operators in the wild[C]//Proceedings of the 2017 IEEE Symposium on Security and Privacy, San Jose, May 22-26, 2017. Washington: IEEE Computer Society, 2017: 770-787.
[2] National Internet Emergency Center (CNCERT). 2019 China Internet network security report[EB/OL]. [2020-07-20]. https://www.cert.org.cn/publish/main/upload/File/2019%20CNCERT%20Cybersecurity%20analysis.pdf.
[3] Proofpoint. Proofpoint Q3 2019 threat report — Emotet's return, RATs reign supreme, and more[EB/OL]. [2020-07-20]. https://www.proofpoint.com/us/threat-insight/post/proofpoint-q3-2019-threat-report-emotets-return-rats-reign-supreme-and-more.
[4] ZIMBA A, CHEN H S, WANG Z S, et al. Modeling and detection of the multi-stages of advanced persistent threats attacks based on semi-supervised learning and complex networks characteristics[J]. Future Generation Computer Systems, 2020, 106: 501-517.
[5] YIN K S, KHIN M A. Network behavioral features for detecting remote access Trojans in the early stage[C]//Proceedings of the VI International Conference on Network, Communication and Computing, Kunming, Dec 8-10, 2017. New York: ACM, 2017: 92-96.
[6] YAMADA M, MORINAGA M, UNNO Y, et al. RAT-based malicious activities detection on enterprise internal networks[C]//Proceedings of the 10th International Conference for Internet Technology and Secured Transactions, London, Dec 14-16, 2015. Piscataway: IEEE, 2015: 321-325.
[7] ZHU H Y, QIAO H, WU Z X, et al. A network behavior analysis method to detect reverse remote access Trojan[C]//Proceedings of the 2018 IEEE 9th International Conference on Software Engineering and Service Science, Beijing, Nov 23-25, 2018. Piscataway: IEEE, 2018: 1007-1010.
[8] YIN K S, KHINE M A. Optimal remote access Trojans detection based on network behavior[J]. International Journal of Electrical and Computer Engineering, 2019, 9(3): 2177-2184.
[9] AHMADI M, ULYANOV D, SEMENOV S, et al. Novel feature extraction, selection and fusion for effective malware family classification[C]//Proceedings of the 6th ACM on Conference on Data and Application Security and Privacy, New Orleans, Mar 9-11, 2016. New York: ACM, 2016: 183-194.
[10] RHODE M, BURNAP P, JONES K. Early stage malware prediction using recurrent neural networks[J]. Computers & Security, 2018, 77: 578-594.
[11] CANALI D, LANZI A, BALZAROTTI D, et al. A quantitative study of accuracy in system call-based malware detection[C]//Proceedings of the 2012 International Symposium on Software Testing and Analysis, Minneapolis, Jul 15-20, 2012. New York: ACM, 2012: 122-132.
[12] VIDAL J M, OROZCO A L S, GARCÍA-VILLALBA L J. Alert correlation framework for malware detection by anomaly-based packet payload analysis[J]. Journal of Network and Computer Applications, 2017, 97: 11-22.
[13] CHEN H, CHEN J H, XIAO C L, et al. Intrusion detection method of multiple classifiers under deep learning model[J]. Journal of Frontiers of Computer Science and Technology, 2019, 13(7): 1123-1133.
[14] SANTIKELLUR P, HAQUE T, AL-ZEWAIRI M, et al. Optimized multi-layer hierarchical network intrusion detection system with genetic algorithms[C]//Proceedings of the 2019 2nd International Conference on New Trends in Computing Sciences, Amman, Oct 9-11, 2019. Piscataway: IEEE, 2019: 1-7.
[15] LI W, LI L H, LI J, et al. Characteristics analysis of traffic behavior of remote access Trojan in three communication phases[J]. Netinfo Security, 2015, 15(5): 10-15.
[16] JIANG W, WU X D, CUI X, et al. A highly efficient remote access Trojan detection method[J]. International Journal of Digital Crime and Forensics, 2019, 11(4): 1-13.
[17] JIANG W. A highly efficient remote access Trojan detection method: CN107370752A[P]. 2017-11-21.
[18] JIANG D, OMOTE K. An approach to detect remote access Trojan in the early stage of communication[C]//Proceedings of the 29th IEEE International Conference on Advanced Information Networking and Applications, Gwangju, Mar 24-27, 2015. Washington: IEEE Computer Society, 2015: 706-713.
[19] ADACHI D, OMOTE K. A host-based detection method of remote access Trojan in the early stage[C]//LNCS 10060: Proceedings of the 12th International Conference on Information Security Practice and Experience, Zhangjiajie, Nov 16-18, 2016. Cham: Springer, 2016: 110-121.
[20] SONG Z H, GUO C, JIANG C H. A fast Trojan detection method based on network traffic analysis[J]. Computer and Modernization, 2019(6): 9-15.
[21] WU S, LIU S L, LIN W, et al. Detecting remote access Trojans through external control at area network borders[C]//Proceedings of the 2017 ACM/IEEE Symposium on Architectures for Networking and Communications Systems, Beijing, May 18-19, 2017. Washington: IEEE Computer Society, 2017: 131-141.
[22] BEAUCHESNE N, PRENGER R J. Method and system for detecting external control of compromised hosts: US2015-0264069[P]. 2015-09-17.
[23] PALLAPROLU S C, NAMAYANJA J M, JANEJA V P, et al. Label propagation in big data to detect remote access Trojans[C]//Proceedings of the 2016 IEEE International Conference on Big Data, Washington, Dec 5-8, 2016. Washington: IEEE Computer Society, 2016: 3539-3547.